<?php 
include('includes/confirm.php');
$page_name = friends;
require_once 'classes/Mysql.php';
//require_once 'includes/constants.php';
$mysql = New Mysql();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
    <?php include('includes/head.php'); ?>
<body>
<div id="wrapper">
    <?php include('includes/header.php'); ?>
    <?php include('includes/menu.php'); ?>
    
    <div id="page">
    	
	      <div id="content">
			<form method="post" action="">
				<h2> Add Friend </h2>
				<br>Friend's Username:
				<input type="text" name="username" value=""/>
				<br>Borrow Setting:
				<select name="borrow_setting">
				<?php
					$stmt=$mysql->run_query("SELECT id, name
																		FROM share_setting");
					$stmt->bind_result($_id, $_setting_name);
					while($stmt->fetch()){
						print "<option value=$_id>$_setting_name</option>";
					}
					$stmt->close();
				?>
				</select>
				<br>View Setting:
				<select name="view_setting">
				<?php
					$stmt=$mysql->run_query("SELECT id, name
																		FROM share_setting");
					$stmt->bind_result($_id, $_setting_name);
					while($stmt->fetch()){
						print "<option value=$_id>$_setting_name</option>";
					}
					$stmt->close();
				?>
				</select><br>
				<input type="submit" name="add_submit" value="Add"/>
			</from>
			<?php
				
				if($_POST && !empty($_POST['username']) && !empty($_POST['borrow_setting']) && !empty($_POST['view_setting'])){

					$stmt = $mysql->run_query("SELECT id, uname 
												FROM user
												WHERE uname = ? 
													AND id <> ?
													AND id NOT IN (SELECT id2 
																	FROM friend
																	WHERE id1=?)", $_POST['username'], $_SESSION['userid'], $_SESSION['userid']);
					$stmt->bind_result($id, $user);
					if($stmt->fetch()){
						// add user
						$stmt->close();
						$stmt = $mysql->run_query("INSERT INTO friend 
													VALUES(?, ?, ?, ?)", $_SESSION['userid'], $id, $_POST['borrow_setting'], $_POST['view_setting']);
						echo "<br><br><h4>Added User: $user<h4>";
					}
					else{
						echo "<br><br><h4>Invalid User OR User is already a friend!<h4>";
					}
				}
			?>
	      </div>
	      <!-- end div#content -->
	      <div id="sidebar">
			<ul>
				<li><h1><a href="friends.php">Browse</a></h1><br></li>
				<li><h1><a href="add_friend.php">Add</a></h1><br></li>
				<li><h1><a href="delete_friend.php">Delete</a></h1><li>
			</ul>
	      </div>
	      <!-- end div#sidebar -->
	      <div style="clear: both; height: 1px"></div>
	   
	  </div>
  
  	</div>
  	<!-- end div#page -->
    <?php include('includes/footer.php'); ?>
</div> <!-- end div#wrapper -->
</body>
</html>
